Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to connect to Sourcehut over SSH on Windows with JJ #4802

Open
miscoined opened this issue Nov 8, 2024 · 2 comments
Open

Unable to connect to Sourcehut over SSH on Windows with JJ #4802

miscoined opened this issue Nov 8, 2024 · 2 comments
Labels
🐛bug Something isn't working 🪟Windows

Comments

@miscoined
Copy link

Description

I'm currently unable to clone or fetch from repos hosted on Sourcehut with JJ on my Windows device using SSH, but it works without JJ. I thought this might be due to #3322 as I was previously getting the same error with Gituhb, but I was able to bypass it by first connecting with ssh -o HostKeyAlgorithms=ssh-rsa "git@github.com" to force it to populate a known_hosts entry with RSA. After that, jj git clone and others worked fine.

This workaround does not work for Sourcehut. It appears that ssh-rsa isn't a valid host key algorithm for Sourcehut:

PS C:\Users\Kelly\Projects> ssh -o HostKeyAlgorithms=ssh-rsa "git@git.sr.ht"
Unable to negotiate with 46.23.81.155 port 22: no matching host key type found. Their offer: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519

I've tried all of the offered key algorithms (wiping known_hosts again every time) and none of them seem to let jj successfully clone. I'm not sure if this is related to #1419 and is a regression with RSA keys for Sourcehut, or whether it's the same issue as #3322 and that none of the algos offered by Sourcehut are valid workarounds.

Please let me know if there's any other information I can provide or any workarounds I can try. I'll try to find time later to test out #3554 as well and see if it resolves this issue.

Steps to Reproduce the Problem

  1. (Optional, gives a different error message) Run ssh -o HostKeyAlgorithms=rsa-sha2-512 "git@git.sr.ht" to add a ssh-rsa entry for Sourcehut to known_hosts
  2. Try to clone a repo hosted at git@git.sr.ht.

Expected Behavior

Repo should clone

Actual Behavior

Without an entry:

Error: invalid or unknown remote ssh hostkey; class=Ssh (23); code=Certificate (-17)
Hint: Jujutsu uses libssh2, which doesn't respect ~/.ssh/config. Does `ssh -F /dev/null` to the host work?

With an entry in known_hosts:

Error: failed to start SSH session: Unable to exchange encryption keys; class=Ssh (23)
Hint: Jujutsu uses libssh2, which doesn't respect ~/.ssh/config. Does `ssh -F /dev/null` to the host work?

Specifications

  • Platform: Windows 10 19045.5011
  • Version: jj 0.23.0-5de285f5eb727b613434979cd9d83c30cabaffae
@thoughtpolice
Copy link
Collaborator

From the version string it looks like you're using a self-compiled version of jj? Can you try using the jj.exe found on the 0.23.0 release page from Wednesday? By default the releases are built against OpenSSL so they should have support for ECDSA/Ed25519, while compiling yourself results in a binary that links against Windows CNG subsystem, which does not support Ed25519 at the very least (though I'd expect ECDSA to work...)

@PhilipMetzger PhilipMetzger added 🐛bug Something isn't working 🪟Windows labels Nov 8, 2024
@miscoined
Copy link
Author

I got this version from the jj.exe in the jj-v0.23.0-x86_64-pc-windows-msvc.zip file on the release page. I copied it directly over the jj.exe obtained from winget install martinvonz.jj. The 0.18 version from the winget install gave me the same results.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🐛bug Something isn't working 🪟Windows
Projects
None yet
Development

No branches or pull requests

3 participants